/dev/urandom and /dev/random
Currently the permissions settings for these devices are uncertain.
MAKEDEV makes /dev/urandom mode 444 and /dev/random either mode 444 or more
666.
For devfs I plan to make them both mode 644. From reading the latest kernel
source I see that writing to either of them gives the same result (so having
different write permissions for them makes no sense). The boot script
/etc/init.d/urandom from the sysvinit package writes to /dev/urandom so root
write access makes sense to me (sure root can write to it anyway but I think
that the permissions should reflect the usage for clarity).
Also I suspect that if a malicious user ran "cat /dev/zero > /dev/random"
then they could poison the random number pool so I think that mode 644 is the
correct permissions for both devices.
Let me know if you disagree. If there's no complaints then I'll file a bug
against makedev to make it do the same.
--
http://www.coker.com.au/bonnie++/ Bonnie++ hard drive benchmark
http://www.coker.com.au/postal/ Postal SMTP/POP benchmark
http://www.coker.com.au/projects.html Projects I am working on
http://www.coker.com.au/~russell/ My home page
Reply to: